aitzol
/
Plume
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cargo fmt

This commit is contained in:
Trinity Pointard 2020-10-04 12:18:54 +02:00
parent d626f3366d
commit 8975b0f9e9
2 changed files with 36 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
plume-models/src/config.rs
View File

@ -257,7 +257,7 @@ fn get_ldap_config() -> Option<LdapConfig> {
let tls = match tls.as_ref() { let tls = match tls.as_ref() {
"1" | "true" | "TRUE" => true, "1" | "true" | "TRUE" => true,
"0" | "false" | "FALSE" => false, "0" | "false" | "FALSE" => false,
_ => panic!("Invalid LDAP configuration : tls") _ => panic!("Invalid LDAP configuration : tls"),
}; };
let user_name_attr = var("LDAP_USER_NAME_ATTR").unwrap_or_else(|_| "cn".to_owned()); let user_name_attr = var("LDAP_USER_NAME_ATTR").unwrap_or_else(|_| "cn".to_owned());
let mail_attr = var("LDAP_USER_MAIL_ATTR").unwrap_or_else(|_| "mail".to_owned()); let mail_attr = var("LDAP_USER_MAIL_ATTR").unwrap_or_else(|_| "mail".to_owned());

47
plume-models/src/users.rs
View File

@ -1,8 +1,8 @@
use crate::{ use crate::{
ap_url, blocklisted_emails::BlocklistedEmail, blogs::Blog, config::CONFIG, db_conn::DbConn, follows::Follow, ap_url, blocklisted_emails::BlocklistedEmail, blogs::Blog, config::CONFIG, db_conn::DbConn,
instance::*, medias::Media, notifications::Notification, post_authors::PostAuthor, posts::Post, follows::Follow, instance::*, medias::Media, notifications::Notification,
safe_string::SafeString, schema::users, search::Searcher, timeline::Timeline, Connection, post_authors::PostAuthor, posts::Post, safe_string::SafeString, schema::users,
Error, PlumeRocket, Result, ITEMS_PER_PAGE, search::Searcher, timeline::Timeline, Connection, Error, PlumeRocket, Result, ITEMS_PER_PAGE,
}; };
use activitypub::{ use activitypub::{
activity::Delete, activity::Delete,
@ -14,7 +14,7 @@ use activitypub::{
use bcrypt; use bcrypt;
use chrono::{NaiveDateTime, Utc}; use chrono::{NaiveDateTime, Utc};
use diesel::{self, BelongingToDsl, ExpressionMethods, OptionalExtension, QueryDsl, RunQueryDsl}; use diesel::{self, BelongingToDsl, ExpressionMethods, OptionalExtension, QueryDsl, RunQueryDsl};
use ldap3::{LdapConn, SearchEntry, Scope}; use ldap3::{LdapConn, Scope, SearchEntry};
use openssl::{ use openssl::{
hash::MessageDigest, hash::MessageDigest,
pkey::{PKey, Private}, pkey::{PKey, Private},
@ -297,16 +297,23 @@ impl User {
if let Some(ldap) = CONFIG.ldap.as_ref() { if let Some(ldap) = CONFIG.ldap.as_ref() {
let mut ldap_conn = LdapConn::new(&ldap.addr).map_err(|_| Error::NotFound)?; let mut ldap_conn = LdapConn::new(&ldap.addr).map_err(|_| Error::NotFound)?;
let ldap_name = format!("{}={},{}", ldap.user_name_attr, name, ldap.base_dn); let ldap_name = format!("{}={},{}", ldap.user_name_attr, name, ldap.base_dn);
let bind = ldap_conn.simple_bind(&ldap_name, password).map_err(|_| Error::NotFound)?; let bind = ldap_conn
.simple_bind(&ldap_name, password)
.map_err(|_| Error::NotFound)?;
if bind.success().is_ok() { if bind.success().is_ok() {
let search = ldap_conn.search(&ldap_name, Scope::Base, "(|(objectClass=person)(objectClass=user))", vec![&ldap.mail_attr]) let search = ldap_conn
.search(
&ldap_name,
Scope::Base,
"(|(objectClass=person)(objectClass=user))",
vec![&ldap.mail_attr],
)
.map_err(|_| Error::NotFound)? .map_err(|_| Error::NotFound)?
.success() .success()
.map_err(|_| Error::NotFound)?; .map_err(|_| Error::NotFound)?;
for entry in search.0 { for entry in search.0 {
let entry = SearchEntry::construct(entry); let entry = SearchEntry::construct(entry);
let email = entry.attrs.get("mail") let email = entry.attrs.get("mail").and_then(|vec| vec.first());
.and_then(|vec| vec.first());
if email.is_some() { if email.is_some() {
let _ = ldap_conn.unbind(); let _ = ldap_conn.unbind();
return NewUser::new_local( return NewUser::new_local(
@ -337,7 +344,10 @@ impl User {
} else { } else {
return false; return false;
}; };
let name = format!("{}={},{}", ldap.user_name_attr, &self.username, ldap.base_dn); let name = format!(
"{}={},{}",
ldap.user_name_attr, &self.username, ldap.base_dn
);
if let Ok(bind) = conn.simple_bind(&name, password) { if let Ok(bind) = conn.simple_bind(&name, password) {
bind.success().is_ok() bind.success().is_ok()
} else { } else {
@ -352,35 +362,40 @@ impl User {
let local_id = Instance::get_local()?.id; let local_id = Instance::get_local()?.id;
let user = User::find_by_email(conn, ident) let user = User::find_by_email(conn, ident)
.or_else(|_| User::find_by_name(conn, ident, local_id)) .or_else(|_| User::find_by_name(conn, ident, local_id))
.and_then(|u| if u.instance_id == local_id { .and_then(|u| {
if u.instance_id == local_id {
Ok(u) Ok(u)
} else { } else {
Err(Error::NotFound) Err(Error::NotFound)
}
}); });
match user { match user {
Ok(user) if user.hashed_password.is_some() => { Ok(user) if user.hashed_password.is_some() => {
if bcrypt::verify(password, user.hashed_password.as_ref().unwrap()).unwrap_or(false) { if bcrypt::verify(password, user.hashed_password.as_ref().unwrap()).unwrap_or(false)
{
Ok(user) Ok(user)
} else { } else {
Err(Error::NotFound) Err(Error::NotFound)
} }
}, }
Ok(user) => { Ok(user) => {
if user.ldap_login(password) { if user.ldap_login(password) {
Ok(user) Ok(user)
} else { } else {
Err(Error::NotFound) Err(Error::NotFound)
} }
}, }
e => { e => {
if let Ok(user) = User::ldap_register(conn, ident, password) { if let Ok(user) = User::ldap_register(conn, ident, password) {
return Ok(user); return Ok(user);
} }
let other = User::get(&*conn, 1).expect("No user is registered").hashed_password; let other = User::get(&*conn, 1)
.expect("No user is registered")
.hashed_password;
other.map(|pass| bcrypt::verify(password, &pass)); other.map(|pass| bcrypt::verify(password, &pass));
e e
}, }
} }
} }